Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201211-01 (MantisBT)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72582
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201211-01 (MantisBT)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201211-01.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201211-01. Vulnerability Insight: Multiple vulnerabilities have been found in MantisBT, the worst of which allowing for local file inclusion. Solution: All MantisBT users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/mantisbt-1.2.11' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3303 41653 http://secunia.com/advisories/41653 43604 http://www.securityfocus.com/bid/43604 51199 http://secunia.com/advisories/51199 ADV-2010-2535 http://www.vupen.com/english/advisories/2010/2535 FEDORA-2010-15061 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048548.html FEDORA-2010-15080 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.html FEDORA-2010-15082 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.html GLSA-201211-01 http://security.gentoo.org/glsa/glsa-201211-01.xml [oss-security] 20100914 CVE request: mantis before 1.2.3 (XSS) http://www.openwall.com/lists/oss-security/2010/09/14/12 [oss-security] 20100914 Re: CVE request: mantis before 1.2.3 (XSS) http://www.openwall.com/lists/oss-security/2010/09/14/13 http://www.openwall.com/lists/oss-security/2010/09/14/19 [oss-security] 20100916 Re: CVE request: mantis before 1.2.3 (XSS) http://www.openwall.com/lists/oss-security/2010/09/16/16 http://www.mantisbt.org/bugs/changelog_page.php?version_id=111 http://www.mantisbt.org/bugs/view.php?id=12231 http://www.mantisbt.org/bugs/view.php?id=12232 http://www.mantisbt.org/bugs/view.php?id=12234 http://www.mantisbt.org/bugs/view.php?id=12238 Common Vulnerability Exposure (CVE) ID: CVE-2010-3763 BugTraq ID: 43837 http://www.securityfocus.com/bid/43837 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052721.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052730.html http://secunia.com/advisories/42772 http://www.vupen.com/english/advisories/2011/0002 Common Vulnerability Exposure (CVE) ID: CVE-2010-4348 42772 ADV-2011-0002 FEDORA-2010-19070 FEDORA-2010-19078 [oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability http://openwall.com/lists/oss-security/2010/12/15/4 [oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability http://openwall.com/lists/oss-security/2010/12/16/1 http://www.mantisbt.org/blog/?p=123 http://www.mantisbt.org/bugs/changelog_page.php?version_id=112 http://www.mantisbt.org/bugs/view.php?id=12607 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php https://bugzilla.redhat.com/show_bug.cgi?id=663230 Common Vulnerability Exposure (CVE) ID: CVE-2010-4349 mantisbt-dbtype-path-disclosure(64463) https://exchange.xforce.ibmcloud.com/vulnerabilities/64463 Common Vulnerability Exposure (CVE) ID: CVE-2010-4350 [oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability http://openwall.com/lists/oss-security/2010/12/15/5 [oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability http://openwall.com/lists/oss-security/2010/12/16/2 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4984.php Common Vulnerability Exposure (CVE) ID: CVE-2011-2938 BugTraq ID: 49235 http://www.securityfocus.com/bid/49235 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html http://packetstormsecurity.org/files/104149 http://www.openwall.com/lists/oss-security/2011/08/18/7 http://www.openwall.com/lists/oss-security/2011/08/19/16 http://securityreason.com/securityalert/8391 Common Vulnerability Exposure (CVE) ID: CVE-2011-3356 BugTraq ID: 49448 http://www.securityfocus.com/bid/49448 Bugtraq: 20110905 Multiple vulnerabilities in MantisBT (Google Search) http://www.securityfocus.com/archive/1/519547/100/0/threaded https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html http://www.openwall.com/lists/oss-security/2011/09/04/1 http://www.openwall.com/lists/oss-security/2011/09/09/9 http://securityreason.com/securityalert/8392 XForce ISS Database: mantisbt-unspecified-xss(69587) https://exchange.xforce.ibmcloud.com/vulnerabilities/69587 Common Vulnerability Exposure (CVE) ID: CVE-2011-3357 Debian Security Information: DSA-2308 (Google Search) http://www.debian.org/security/2011/dsa-2308 http://www.openwall.com/lists/oss-security/2011/09/04/2 http://secunia.com/advisories/45961 XForce ISS Database: mantisbt-action-file-include(69588) https://exchange.xforce.ibmcloud.com/vulnerabilities/69588 Common Vulnerability Exposure (CVE) ID: CVE-2011-3358 XForce ISS Database: mantisbt-bugreportpage-xss(69589) https://exchange.xforce.ibmcloud.com/vulnerabilities/69589 Common Vulnerability Exposure (CVE) ID: CVE-2011-3578 Common Vulnerability Exposure (CVE) ID: CVE-2011-3755 http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/mantisbt-1.2.4 http://www.openwall.com/lists/oss-security/2011/06/27/6 Common Vulnerability Exposure (CVE) ID: CVE-2012-1118 48258 http://secunia.com/advisories/48258 49572 http://secunia.com/advisories/49572 52313 http://www.securityfocus.com/bid/52313 DSA-2500 http://www.debian.org/security/2012/dsa-2500 FEDORA-2012-18273 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html FEDORA-2012-18294 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html FEDORA-2012-18299 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html [oss-security] 20120306 Re: CVE request: mantisbt before 1.2.9 http://www.openwall.com/lists/oss-security/2012/03/06/9 http://www.mantisbt.org/bugs/changelog_page.php?version_id=140 http://www.mantisbt.org/bugs/view.php?id=10124 https://github.com/mantisbt/mantisbt/commit/eb803ed02105fc919cf5f789e939f2b824162927 Common Vulnerability Exposure (CVE) ID: CVE-2012-1119 http://www.mantisbt.org/bugs/view.php?id=13816 https://github.com/mantisbt/mantisbt/commit/cf5df427f17cf9204645f83e000665780eb9afe6 https://github.com/mantisbt/mantisbt/commit/dea7e315f3fc96dfa995e56e8810845fc07a47aa Common Vulnerability Exposure (CVE) ID: CVE-2012-1120 http://www.mantisbt.org/bugs/view.php?id=13656 https://github.com/mantisbt/mantisbt/commit/df7782a65e96aa1c9639a7625a658102134c7fe0 Common Vulnerability Exposure (CVE) ID: CVE-2012-1121 http://www.mantisbt.org/bugs/view.php?id=13561 https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d Common Vulnerability Exposure (CVE) ID: CVE-2012-1122 http://www.mantisbt.org/bugs/view.php?id=13748 https://github.com/mantisbt/mantisbt/commit/0da3f7ace233208eb3c8d628cc2fd6e56d83839f Common Vulnerability Exposure (CVE) ID: CVE-2012-1123 http://www.mantisbt.org/bugs/view.php?id=13901 https://github.com/mantisbt/mantisbt/commit/f5106be52cf6aa72c521f388e4abb5f0de1f1d7f Common Vulnerability Exposure (CVE) ID: CVE-2012-2691 49414 http://secunia.com/advisories/49414 53907 http://www.securityfocus.com/bid/53907 56467 http://www.securityfocus.com/bid/56467 [oss-security] 20120609 CVE requests (x2) for Mantis Bug Tracker (MantisBT) before 1.2.11 http://www.openwall.com/lists/oss-security/2012/06/09/1 [oss-security] 20120611 Re: CVE requests (x2) for Mantis Bug Tracker (MantisBT) before 1.2.11 http://www.openwall.com/lists/oss-security/2012/06/11/6 http://www.mantisbt.org/bugs/changelog_page.php?version_id=148 http://www.mantisbt.org/bugs/view.php?id=14340 https://github.com/mantisbt/mantisbt/commit/175d973105fe9f03a37ced537b742611631067e0 https://github.com/mantisbt/mantisbt/commit/edc8142bb8ac0ac0df1a3824d78c15f4015d959e mantisbt-soapapi-sec-bypass(76180) https://exchange.xforce.ibmcloud.com/vulnerabilities/76180 Common Vulnerability Exposure (CVE) ID: CVE-2012-2692 53921 http://www.securityfocus.com/bid/53921 http://www.mantisbt.org/bugs/view.php?id=14016 https://github.com/mantisbt/mantisbt/commit/ceafe6f0c679411b81368052633a63dd3ca06d9c
Copyright	Copyright (C) 2012 E-Soft Inc.